Heartbleed qui est une faille sur Linux qui date pratiquement de la première version a été découvert et publié avant sa correction. Il y a eu aucun scandale à ce niveau.
According to Mark J. Cox of OpenSSL, Neel Mehta of Google's security team reported Heartbleed on April 1, 2014.[28]
...
Bodo Moeller and Adam Langley of Google prepared the fix for Heartbleed. The resulting patch was added to Red Hat's issue tracker on March 21, 2014.[32] Stephen N. Henson applied the fix to OpenSSL's version control system on 7 April.[33] The first fixed version, 1.0.1g, was released on the same day.
Partager